In defense of nitpicking
I can vividly remember my first code review.
I sat down with two senior devs, handed them a stack of paper (yes, I am old enough to remember when reviews were an exercise in tree-killing) and was absolutely destroyed on things like code standards, functionality, and style. I won’t sugar coat it: it sucked. But, the quality of my code got better and better as I learned and grew as a developer. I wouldn’t be where I am today without those early code reviews to learn from.
My biggest takeaway: Don’t simply apply the changes blindly because someone more senior told you to, seek to understand why so you can provide similar insights to someone else in the future. I’m not advocating being pedantic for pedantry’s sake, but sitting down and really hashing out the reasoning behind a decision has helped me grow as a developer and as a learner.
So go forth, and pick those nits with the understanding that CRs are a collaborative effort that’s going to improve consistency and quality of code for everyone.
New Confluence vulnerability
An OGNL injection vulnerability is affecting Confluence Server and Data Centers, according to the CISA’s Known Exploited Vulnerabilities Catalog.
The TL;DC (too long, didn't click) is if you’re running a Confluence version before 6.13.23, from 6.14.0 before 7.4.11, from 7.5.0 before 7.11.6, or from 7.12.0 before 7.12.5, your instance could be at risk. Luckily, the vulnerability is fixed by updating to the latest version of Confluence.
The vulnerability can allow unauthenticated actors to execute arbitrary code in your Confluence instance (aka, corrupt or even steal your precious data).
Stay on top of those updates, folks (and maybe invest in a backup and recovery app for Confluence, just in case).